[SingCERT] Oracle WebLogic Server Node Manager 'beasvc.exe' Remote Command Execution

[ Summary ]

Oracle WebLogic Server is prone to a remote command-execution vulnerability.

Attackers can leverage the vulnerability to execute arbitrary commands. Specifically, the Network Manager utility 'beasvc.exe' accepts connections without requiring authentication.

[ Impact Analysis ]

Attackers may execute arbitrary shell commands with the privileges of the affected process via the 'EXECSCRIPT' command. Successful attacks can compromise the affected software and possibly the computer.

[ Solution/Workaround ]

Vendor updates are available. Please see the referenced vendor advisory for more information.

[ Reference ]

  • http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html
  • http://intevydis.blogspot.com/2010/01/oracle-weblogic-1032-node-manager-fun.html
  • http://blogs.oracle.com/security/2010/02/security_alert_for_cve-2010-00.html

Attackers can exploit this issue to execute arbitrary commands with the privileges of the affected application.